How do I prevent external systems from mounting my ext4 partition?

1

1

I have an ext4 partition which I use as my home partition. I noticed that by running another Linux system, either from the disk or even from a LiveCD, I am able to mount and inspect the contents of said partition, even if my user is password protected. What should I do in order to protect the contents of my partition unless somebody successfully logs in as the user to whom it belongs?

Should I encrypt the partition? Would it require changing the filesystem and switching to something like eCryptfs? Is there a way to encrypt my ext4 partition and decrypt it only after a successful login of its owner? Should I use TrueCrypt? If so, how? Note that I am not looking for a way to encrypt my drive, I'm just looking for a way to disallow mounting my home partition by external users (i.e. LiveCD systems). Note also that my Linux and Home partitions are separate.

Piku

Posted 2011-07-15T20:23:04.963

Reputation: 11

Answers

2

Encryption is your only real option.

Passwords and permissions only work when the running OS respects them. If someone boots up from a flash drive or Live CD/DVD, they can mount and bypass permissions. Or if someone roots your system, there's nothing to stop them from reading or destroying the data on your home partition.

TrueCrypt is certainly a popular option, but it's certainly not the only one available on Linux.

Other keywords to look into are loop mounts, and full disk encryption.

But you need encryption.

Now note, encryption only prevents someone else from being able to make any sense of your data. It doesn't prevent them from wiping the partition and destroying all your data. That's what offline backups are for.

afrazier

Posted 2011-07-15T20:23:04.963

Reputation: 21 316

Yes, that's what I suspected. I do back up, and my backup drives are encrypted; however, what do you personally suggest to encrypt my home partition? – Piku – 2011-07-15T20:42:13.970

I don't have any particular recommendations for you, sorry. I don't use FDE personally. – afrazier – 2011-07-16T00:20:57.170

1

If they are standing in front of the computer, you have already lost control. You can still encrypt the drive, making it unreadable. But if someone has physical access, they can always destroy the drive. Worse yet, steal it.

If the data on the drive would actually cost you money if handed to someone else, encrypt. For Linux, the standard is "cryptsetup"; it's the most tested and can be very fast.

stonefoz

Posted 2011-07-15T20:23:04.963

Reputation: 121
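
The point made in the answers above, as an added example that is not from either answer: an unencrypted ext4 partition carries a readable superblock that any booted system can parse, while a LUKS container created with cryptsetup starts with a LUKS header. The function names and the sample images are constructed for this illustration.

```shell
#!/bin/sh
# Classify a partition (or image file) by its on-disk signature.
# Reading a raw block device needs root; the constructed images below do not.

# hex_at FILE OFFSET COUNT -> lowercase hex of COUNT bytes starting at OFFSET
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# classify FILE -> prints luks | ext-plaintext | unknown
classify() {
    # LUKS1 and LUKS2 headers both begin with the magic "LUKS" 0xBA 0xBE.
    if [ "$(hex_at "$1" 0 6)" = "4c554b53babe" ]; then
        echo luks
    # The ext2/3/4 superblock starts at byte 1024; its magic 0xEF53 is stored
    # little-endian at offset 56 inside it, i.e. byte 1080 of the partition.
    elif [ "$(hex_at "$1" 1080 2)" = "53ef" ]; then
        echo ext-plaintext
    else
        echo unknown
    fi
}

# make_samples DIR -> writes three constructed images (signatures only, no real data)
make_samples() {
    dir=$1
    { dd if=/dev/zero bs=1 count=1080 2>/dev/null; printf '\123\357'; } > "$dir/plain.img"
    { printf 'LUKS\272\276'; dd if=/dev/zero bs=1 count=2048 2>/dev/null; } > "$dir/luks.img"
    dd if=/dev/zero of="$dir/blank.img" bs=1 count=2048 2>/dev/null
}

# Demo on the constructed images.
tmp=$(mktemp -d)
make_samples "$tmp"
for name in plain luks blank; do
    printf '%s.img: %s\n' "$name" "$(classify "$tmp/$name.img")"
done
rm -rf "$tmp"
```

A result of `ext-plaintext` for the home partition means a LiveCD can mount it regardless of login passwords. On a real system, `cryptsetup isLuks <device>` performs the LUKS half of this check.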